Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/9nvBHCqTRl3tDBDITL4iu0x_MZ0.roa
File: 9nvBHCqTRl3tDBDITL4iu0x_MZ0.roa (raw, json)
Hash identifier: HoI3oYut1IUdq6cxL/j/TbSauaVciFucjA0p6o5hues=
Subject key identifier: F6:7B:C1:1C:2A:93:46:5D:ED:0C:10:C8:4C:BE:22:BB:4C:7F:31:9D
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0187700CA0C4473B9A92BAD060D7D0C26227
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/9nvBHCqTRl3tDBDITL4iu0x_MZ0.roa
Signing time: Tue 11 Apr 2023 11:21:28 +0000
ROA not before: Tue 11 Apr 2023 11:21:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.251.24.0/24 maxlen: 24
89.251.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Apr 2023 18:34:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:70:0c:a0:c4:47:3b:9a:92:ba:d0:60:d7:d0:c2:62:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Apr 11 11:21:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f67bc11c2a93465ded0c10c84cbe22bb4c7f319d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5d:6c:81:de:56:15:0e:1b:a1:86:d0:30:18:
b1:e8:57:53:7e:89:29:13:f9:07:95:10:23:09:88:
ba:77:11:d1:c9:8b:53:16:26:80:01:6f:bf:35:b5:
34:bb:5a:90:e2:c2:d6:1e:9b:27:d5:1e:94:a4:17:
85:71:2c:68:cb:e6:88:b5:36:2d:0c:8a:14:27:9e:
23:b3:07:a0:8f:08:8a:62:d1:dd:d8:55:bb:bd:f6:
43:af:b1:99:77:b2:c6:11:0d:b0:5f:61:f7:63:f1:
4e:d9:19:69:65:cf:f4:fd:02:e4:9e:f5:3c:2f:9e:
51:4c:e7:56:93:a7:e4:77:b9:3f:e7:c5:2c:9e:85:
49:30:8f:cf:89:d7:3a:70:0e:85:1a:b9:47:05:a8:
d4:e8:1d:d6:9c:5a:6a:75:49:c3:d6:60:3b:84:2a:
76:00:64:74:73:e6:2b:eb:7f:82:47:60:36:97:a4:
30:c9:38:7c:30:5e:0e:1f:0f:58:bf:c9:92:78:8b:
8d:da:b5:af:35:82:26:1c:23:3e:90:3d:0c:36:a0:
bf:e7:93:10:44:ac:9d:57:67:c0:13:48:b1:10:8d:
ed:b2:b5:72:56:a2:fb:5d:cf:ff:2d:a5:c0:cd:8b:
6a:02:6e:ce:11:b0:88:76:97:2f:53:36:14:b5:1e:
81:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:7B:C1:1C:2A:93:46:5D:ED:0C:10:C8:4C:BE:22:BB:4C:7F:31:9D
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/9nvBHCqTRl3tDBDITL4iu0x_MZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.24.0/24
89.251.27.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:58:34:1d:0b:22:2f:e2:c2:96:2d:39:3a:6f:05:cd:d8:42:
91:ac:cd:c4:66:7a:35:a0:78:0a:db:e0:19:93:90:53:3e:5f:
1e:d2:4f:8c:3f:4a:39:46:b4:c5:76:53:93:6d:1a:e2:0c:d8:
f0:c4:43:59:f4:2c:5a:65:23:51:63:3b:f5:01:f1:2b:91:50:
b8:47:a2:16:64:5e:d5:15:36:e9:2d:15:69:0d:3d:e2:82:d0:
7b:63:32:06:a3:08:92:bf:eb:b6:9c:1d:13:0b:19:ef:d2:e3:
a7:4c:8d:d1:ec:09:d1:ff:8e:66:fb:82:76:21:e1:58:f7:18:
b1:dc:57:99:91:86:de:05:ad:06:ff:41:06:d1:02:4a:a5:20:
72:6a:3e:1c:8e:66:49:d2:fe:3e:79:f3:a1:c9:ad:30:e9:6f:
b0:11:1b:21:f2:9b:a9:61:51:2a:ca:3b:71:94:72:0b:d3:6f:
2e:d7:e4:99:56:64:61:67:69:0d:b9:a3:dd:02:bb:e1:0d:16:
9c:c2:da:2f:a1:78:10:f8:3a:c6:9b:ea:89:d1:2e:2e:41:c2:
42:55:3e:cf:6c:80:f9:9d:6a:01:c2:50:36:83:bf:9d:85:7d:
a1:f8:8c:1e:d2:ca:75:11:84:7a:bc:3d:b0:79:c0:df:3d:4f:
0e:d7:f8:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdwDKDERzuakrrQYNfQwmInMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNDExMTEyMTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjdiYzExYzJhOTM0NjVkZWQwYzEwYzg0Y2JlMjJiYjRjN2YzMTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmV1sgd5WFQ4boYbQMBix6FdTfokp
E/kHlRAjCYi6dxHRyYtTFiaAAW+/NbU0u1qQ4sLWHpsn1R6UpBeFcSxoy+aItTYt
DIoUJ54jswegjwiKYtHd2FW7vfZDr7GZd7LGEQ2wX2H3Y/FO2RlpZc/0/QLknvU8
L55RTOdWk6fkd7k/58UsnoVJMI/Pidc6cA6FGrlHBajU6B3WnFpqdUnD1mA7hCp2
AGR0c+Yr63+CR2A2l6QwyTh8MF4OHw9Yv8mSeIuN2rWvNYImHCM+kD0MNqC/55MQ
RKydV2fAE0ixEI3tsrVyVqL7Xc//LaXAzYtqAm7OEbCIdpcvUzYUtR6BxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPZ7wRwqk0Zd7QwQyEy+IrtMfzGdMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvOW52QkhDcVRSbDN0REJESVRMNGl1MHhfTVowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfsYAwQA
WfsbMA0GCSqGSIb3DQEBCwUAA4IBAQBtWDQdCyIv4sKWLTk6bwXN2EKRrM3EZno1
oHgK2+AZk5BTPl8e0k+MP0o5RrTFdlOTbRriDNjwxENZ9CxaZSNRYzv1AfErkVC4
R6IWZF7VFTbpLRVpDT3igtB7YzIGowiSv+u2nB0TCxnv0uOnTI3R7AnR/45m+4J2
IeFY9xix3FeZkYbeBa0G/0EG0QJKpSByaj4cjmZJ0v4+efOhya0w6W+wERsh8pup
YVEqyjtxlHIL028u1+SZVmRhZ2kNuaPdArvhDRacwtovoXgQ+DrGm+qJ0S4uQcJC
VT7PbID5nWoBwlA2g7+dhX2h+Iwe0sp1EYR6vD2wecDfPU8O1/gF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org